See also Email Management Lags slideshow.
Enterprises are unable to deal with the torrent of
e-mail records bombarding their users because so many of them fail to set
policies regarding retention, deletion and classification of e-mails, according
to a report released by the Association for Information and Image
Management (AIIM).
The report detailed the findings of a recent survey
conducted among 1,109 members of AIIM, which showed most organizations fail to
consistently handle e-mail management for legal discovery or efficiency
purposes.
In spite of the prevailing use of e-mail as a common means
of communicating business obligations and relationships, the survey found that
over 50 percent of organizations don’t have policies to deal with important
e-mails as shareable and retrievable records. And more than 84 percent have no way to
justify e-mails of a certain age or type have been deleted.
“In a large organization, several millions of emails are
handled each day. Most are of no lasting consequence, but each day there will
be a significant number of important emails involving the organization in
obligations, agreements, contracts, regulations and discussions, all of which
might be of legal significance.”
Approximately a third of respondents said that their
organizations have no policy to deal with legal discovery of e-mail records and
about 40 percent of respondents believe that their organizations would need to
laboriously search through back-up tapes to find e-mails that could be relevant
to litigation.
Electronic discovery, also known as e-discovery, has been a
growing concern for legal departments and risk management professionals ever
since the new U.S. Rules of Civil Procedure were released in December 2006,
requiring disclosure of all types of electronic documents during the discovery
phase of trials. With e-mail included in that long list of unstructured
electronic data, enterprises have been scrambling to reliably and
cost-effectively track and find data when necessary.
“Companies aren’t as consistent about it as they need to
be,” says Chuck Burke, president of The Normandy Group, a Cincinnati-based
consultancy. “I think that companies don’t realize how much information is
contained within their e-mail stores.”
As a consultant, Burke helps clients get a handle on e-mail
management as a part of their overall risk management strategy. Out in the
field he has seen plenty of anecdotal evidence to back up AIIM’s findings. Not
only are there many enterprises that still lack policies regarding e-mail
management, but he also says that the majority that do have policies fail to
properly enforce them.
He believes that many companies do not take the matter
seriously because they have not yet experienced the pain associated with
non-compliance of discovery mandates. Unfortunately, enterprises are not
learning from each others’ mistakes in regard to e-discovery because failures
are not always publicized the way that, say, major security breaches are
brought to light. Many of these incidents unfold under sealed court
proceedings, so the fiscal consequences aren’t always plastered all over the
media.
“I don’t think they understand how bad they’re at risk based
on other companies’ experiences,” Burke says. “They’re not hearing those
things, so therefore they’re not understanding the risks that they themselves
are facing.”
News is slowly trickling out about the risks, however. Most
recently, reports emerged from a case between Qualcomm
and Broadcom in which where Qualcomm and its counsel failed to turn over
e-mail evidence in a timely fashion. The judge admonished the
telecommunications giant, threatening state bar sanctions and requiring it to
pay $8.5 million for Broadcom’s litigation costs as a result of the failure.
Many times the issue enterprises face is the fact that they
may still have e-mail documents in storage, but it takes too long to find it to
satisfy court needs. Over a quarter of survey respondents said it would take
over a month to produce e-mail evidence for court proceedings. And over half of
respondents said they lack confidence that e-mails related to documenting
commitments and obligations made by staff are recorded, complete and
recoverable.
Failing to properly manage e-mail is not only adding
unnecessary legal risk, either. It is also bogging down users, says Doug Miles,
director of market intelligence at AIIM and the author of the report.
“This is not just a legal discovery issue. Finding and
recovering past emails is cited as the number two problem with email as a
business tool – after ‘sheer overload’ at number one,” Miles said in a statement,
emphasizing that the survey found that on average users spend more than an hour
and a half per day processing e-mail.